Share via

Using CSOM API - SiteCollection User Roles update fails

Madhu J N 1 Reputation point
2022-09-25T14:59:17.817+00:00

Hi ,

I'm looking for CSOM API or sample code snippet for updating User Roles for a Site Collection

Tenant Admin URL: https://<tenant>-admin.sharepoint.com
SP URL : https://<tenant>.sharepoint.com/Sites/SiteCollection1

Technologies using: C#, CSOM API for ShrarePoint Communication

From Sharepoint UI:
I can update user role Definition from UI

Things I tried using CSOM API:

  1. Logged into above mentioned SP tenant admin URL using admin account (URL: https://<tenant>-admin.sharepoint.com)
  2. Using Site Collection URL (https://<tenant>.sharepoint.com/sites/SiteCollection1), tried changing/Updating User Roles Definitions
  3. Same code works fine that is can Successfully update User Role Definitions for SubSite (URL: https://<tenant>.sharepoint.com/Sites/SiteCollection1/SubSite-A1)

Error/Exception :
Cannot change permissions of root web: https://<tenant>.sharepoint.com/Sites/SiteCollection1

Code Snippet for Quick Reference
SP.RoleDefinitionBindingCollection collRoleDefinitionBinding = new SP.RoleDefinitionBindingCollection(this);
SP.RoleDefinition roletypes = this.Web.RoleDefinitions.GetByType("Editor");
collRoleDefinitionBinding.Add(roletypes);
spOClientContext.Web.RoleAssignments.Add(checkuser, collRoleDefinitionBinding);
spOClientContext.ExecuteQuery();

Thanks,

Microsoft 365 and Office | SharePoint | Development
Microsoft 365 and Office | SharePoint | For business | Windows
Microsoft 365 and Office | SharePoint Server | Development
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Madhu J N 1 Reputation point
    2022-09-26T16:46:50.67+00:00

    Hi @RaytheonXie_MSFT ,
    Yes i broke Inheritance using Web.BreakRoleInheritance(true, true)

    Note:
    For sub-sites this works fine, able t update Roles.
    Fails for Site Collections

    Thanks,
    Madhu

    Was this answer helpful?

  2. Madhu J N 1 Reputation point
    2022-09-26T07:52:30.767+00:00

    Thanks RaytheonXie-MSFT for your response.

    I have implemented by same as above mentioned code snippet.

    Code snippet works for Sub Sites - https://<tenant>.sharepoint.com/sites/SiteCollection1/subsite1

    Fails for SiteCollection -https://<tenant>.sharepoint.com/sites/SiteCollection1

    Failure Error Message: Cannot change permissions of root web: https://<tenant>.sharepoint.com/Sites/SiteCollection1

    Did you tried for with Site Collection input argument.

    Thanks,
    Madhu

    Was this answer helpful?

  3. RaytheonXie_MSFT 40,496 Reputation points Microsoft External Staff
    2022-09-26T05:34:58.51+00:00

    Hi anonymous userJN
    Per my test, please use following code to assign role to sharepoint online user by csom 

    Web web = context.Web;     
Principal user = context.Web.SiteUsers.GetByLoginName(@"X");     
RoleDefinition readDef = context.Web.RoleDefinitions.GetByName("Editor");     
RoleDefinitionBindingCollection roleDefCollection = new RoleDefinitionBindingCollection(context);     
roleDefCollection.Add(readDef);     
RoleAssignment newRoleAssignment = context.Web.RoleAssignments.Add(user, roleDefCollection);     
context.ExecuteQuery();

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.